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REMARKS 

The first Office Action, mailed November 30, 2004, considered and claims 1-34 in view 
of various combinations of Cohen, Puhl and Staikovich*. The drawings were also objected to 
because reference numerals in the specification did not match reference numerals shown in the 
drawings. Appropriate changes have been made to the specification to correct this eiror. 

Claims 1, 12 and 21 have also been amended and claim 15 has been cancelled, such that 
claims 1-14, 16-34 remain pending for reconsideration, of which claims 1, 12 and 21 are the 
independent claims at issue. 

Claim 1 is generally directed to an embodiment for authenticating a client to provide 
access to network resources by using an innovative gateway to implement a method that includes 
defming an authentication filter at a gateway that is remotely interposed between a remote client 
and a content server, wherein the authentication filter includes a domain identifier and a 
usemame modifier for mapping authentication credentials received from the remote client 
according to pre-established criteria. The method also includes receiving authentication 
credentials at the gateway fi-om the remote client that include both a domain and a user name 
corresponding to access permissions for accessing the resources at the content server through the 
domain. The received authentication credentials are then mapped based on the pre-established 
criteria, and by changing at least one of the domain and user name received from the remote 
cUent to different domain or user name. Then, the mapped authentication credentials are sent to 
the network, and such that the client's access to the content source is based On the mapped 
authentication credentials comprising the at least one of a changed user name and a changed 
domain. 

Claim 21 is directed to a corresponding computer program product having computer- 
executable instructions for implementing the method described above. 

* Claims 1-7, 12-18, 22-30 were rejected under 35 U.S.C § 103(a) as being anticipated by Cohen. Claims 8, ]9» 34 
wcrt rejected under 35 U.S.C. § 103(a) as being unpatentable over Cohen (U.S. Patent No. 6»1 78,51 1) as applied to 
claims 1, 12 and 24 and fbrthtr in view of Puhl (U.S. Patent No. 6»223;29l). aaioB 9-12, 20-21 and 31-33 also 
appear to be rejected in view of Cohen and Starkovich (U.S. Patent No. 6,715,080). Although the prior art is not 
being challenged at this time, applicants reserve the right to challenge the purported prior art status of these 
references at any appropriate time, should it arise. The teachings of the secondary references are also not 
specifically addressed by this paper inasmuch as they were only used to reject dependent claims that should now be 
found allowable for at lea^ the same reasons as asserted with regard to the independent claims. However, this 
silence regarding the secondary references should not be construed as Applicants acquiescing to the puiported 
teachings of these references, bi fact Applicants expHcitly reserve the right to challenge these asserted teachings at 
any appropriate time in the future, should it arise. 
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The last independent claim, claim 12, is directed to a similar method of claim 1, only 
using functional elements and language (e.g., "steps for") in place of the non-functional acts 
recited in claim 1. Claim 12 also corresponds more specifically to an embodirnent in which the 
client is a mobile client and such that the gateway receives the client authentication credentials 
from a WAP server interposed between the gateway and the client. 

In the last action it was asserted that Cohen anticipates many of the claims, including the 
independent claims. Apphcanls respectfully submit however, that Cohen fails to teach or 
disclose or even suggest the claimed invention, either singly or in combination with the other 
cited art of record. In particular, Cohen is generally directed to a Single Sign On (SSO) system 
that coordinates a single xiser login (ED & password) with many local and remote resources and 
such that the user does not have to remember all of the different passwords for each login 
application. Col. 2, 11. 24-29 and Col. 6, 11. 46-48. 

Cohen does not, however, disclose that a gateway interposed between a remote client and 
a content server that includes an authentication filter configured to receive authentication 
credentials including both a domain and a user name from a remote client, wherein said filter is 
configured to change at least one of the domain and xiser name in order to map the authentication 
credentials to authentication credentials maintained on the network, as claimed- This is also 
particularly true when considering such changes can include changing the domain, which is 
provided by the client (claim 5), changing the suffix or prefix of the user name or any characters 
of the name (claims 6-7, 12), and that the gateway can receive the authentication credentials 
from a WAP. 

Although Ae latest Office Action asserted that Cohen teaches the changing of a domain 
or user name. Applicants respectfully disagree. In particular, the portion of Cohen cited by the 
Examiner for this teaching (Col. 5, II. 30-45) only clarifies the information contained by the 
PKM and that can be used with the CIM entries to login to other applications. In fact, Cohen 
does not change the domain or user name of a user at all, they only use the login information to 
access the PKM passwords and keys to provide them to the local logon coordinator, which is 
used with the target logon information received from the CIM to sign-on to the various target 
systems and ^plications. Col 6, 11. 38*42. Cohen does not actually change the domain or user 
name. Instead, Cohen merely describes a way to protect and utilize login information stored at a 
remote PKM and CIM, which can be retrieved and used by an automated GUI to automatically 
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log into other applications without the user having to remember all of the passwords. Col, 2, 11, 
36-51- In contrast, the present invention involves changing at least one of the user name and the 
domain provided by the user so that "if a client's credentials are compromised, attempts to 
authenticate with the credentials that do not involve the gateway will fail because the specified 
domain, user name, or both, do not exist on the network." Page 6, 11. 17-19. 

Applicants also submit that the other cited ait fails, in combination with Cohen, to teach 
or suggest such the methods described above and as recited in the pending claims. In fact the 
other art was not even cited for these propositions. Accordingly, for at least these reasons. 
Applicants respectfully submit that the pending claims are now in condition for prompt 
allowance. 

In the event that the Examiner fmds remaining impediment to a prompt allowance of this 
apphcation that may be clarified through a telephone interview, the Examiner is requested to 
contact the undersigned attorney. 




Respectfully submitted. 
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